What kind of network configurations are possible for the Nightingale server/module?
Nightingale is designed to enable a wide spectrum of different configurations, according to the security needs of a network. It can be deployed as an independent server on the back end of a network, offering protection of application servers. By placing the Nightingale server in a different physical location and/or administrative domain as the application servers it protects, it is possible to achieve effective secret-splitting and a high level of security. In fact, the Nightingale server can even be administered by an outside entity. Thanks to the secret-splitting in Nightingale, this entity does not learn any information at all about the sensitive data on your application servers. In fact, special cryptographic protocols ensure that the Nightingale server does not even know the account names used by the application server – the shares are stored anonymously. Thus with Nightingale it is possible to create a new security paradigm in which privacy is outsourced.
